Randall Hand schrieb:
WEll, I understand the SSH way as I use it regularly, but I'm having a hard time finding documentation and examples on the SSL way to do this. Do you have any code examples, or know where I might find some? I managed to figure out how to do DH matching, which gives me encryption but no authentication. I also managed to figure out full certificate work with RSA, but (as I said) it seemed to require the Key, CErtificate, & Password on both ends.
Some sample code: http://www.opensslbook.com/code.html The book is also nice reading...
You should not need keys or Password on the client side (if you don't want to do client authentication). Also you should not need the server's certificate in advance (it is sent to the client during SSL handshake), just the certificate of it's CA. OK, in case of self signed certificates that's the same... ;)
I guess you are setting up "client" and "server" symmetrically (a peer-to-peer setup), so both sides want to authenticate and therefore need keys and password. In the most common SSL applications (like HTTPS) usually only the server authenticates and the client remains anonymous. Some code snippets of your SSL related code might help to evaluate if I am guessing correct...
Hope it helps, Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
smime.p7s
Description: S/MIME Cryptographic Signature
